diff options
| author | 6543 <6543@obermui.de> | 2021-05-09 16:13:35 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-09 16:13:35 +0200 |
| commit | a229e3438780a18d283b21920c5ccd1670e5f747 (patch) | |
| tree | fee51422c56b2c237b796ca5fd3ff004cdcd96b8 /routers | |
| parent | e818e9150f63b5e68ec3018c61c1fae98b1eb1ed (diff) | |
| download | gitea-a229e3438780a18d283b21920c5ccd1670e5f747.tar.gz gitea-a229e3438780a18d283b21920c5ccd1670e5f747.zip | |
Allow only internal registration (#15795)
* Add ALLOW_ONLY_INTERNAL_REGISTRATION into settings
* OpenID respect setting too
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/user/auth.go | 5 | ||||
| -rw-r--r-- | routers/user/auth_openid.go | 9 |
2 files changed, 11 insertions, 3 deletions
diff --git a/routers/user/auth.go b/routers/user/auth.go index f29e1cc4d0..cfe116c902 100644 --- a/routers/user/auth.go +++ b/routers/user/auth.go @@ -617,7 +617,7 @@ func SignInOAuthCallback(ctx *context.Context) { } if u == nil { - if setting.OAuth2Client.EnableAutoRegistration { + if !(setting.Service.DisableRegistration || setting.Service.AllowOnlyInternalRegistration) && setting.OAuth2Client.EnableAutoRegistration { // create new user with details from oauth2 provider var missingFields []string if gothUser.UserID == "" { @@ -828,6 +828,7 @@ func LinkAccount(ctx *context.Context) { ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["DisableRegistration"] = setting.Service.DisableRegistration + ctx.Data["AllowOnlyInternalRegistration"] = setting.Service.AllowOnlyInternalRegistration ctx.Data["ShowRegistrationButton"] = false // use this to set the right link into the signIn and signUp templates in the link_account template @@ -993,7 +994,7 @@ func LinkAccountPostRegister(ctx *context.Context) { return } - if setting.Service.DisableRegistration { + if setting.Service.DisableRegistration || setting.Service.AllowOnlyInternalRegistration { ctx.Error(http.StatusForbidden) return } diff --git a/routers/user/auth_openid.go b/routers/user/auth_openid.go index 863fa67184..45405320e2 100644 --- a/routers/user/auth_openid.go +++ b/routers/user/auth_openid.go @@ -249,7 +249,7 @@ func signInOpenIDVerify(ctx *context.Context) { log.Error("signInOpenIDVerify: Unable to save changes to the session: %v", err) } - if u != nil || !setting.Service.EnableOpenIDSignUp { + if u != nil || !setting.Service.EnableOpenIDSignUp || setting.Service.AllowOnlyInternalRegistration { ctx.Redirect(setting.AppSubURL + "/user/openid/connect") } else { ctx.Redirect(setting.AppSubURL + "/user/openid/register") @@ -267,6 +267,7 @@ func ConnectOpenID(ctx *context.Context) { ctx.Data["PageIsSignIn"] = true ctx.Data["PageIsOpenIDConnect"] = true ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp + ctx.Data["AllowOnlyInternalRegistration"] = setting.Service.AllowOnlyInternalRegistration ctx.Data["OpenID"] = oid userName, _ := ctx.Session.Get("openid_determined_username").(string) if userName != "" { @@ -328,6 +329,7 @@ func RegisterOpenID(ctx *context.Context) { ctx.Data["PageIsSignIn"] = true ctx.Data["PageIsOpenIDRegister"] = true ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp + ctx.Data["AllowOnlyInternalRegistration"] = setting.Service.AllowOnlyInternalRegistration ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha ctx.Data["Captcha"] = context.GetImageCaptcha() ctx.Data["CaptchaType"] = setting.Service.CaptchaType @@ -367,6 +369,11 @@ func RegisterOpenIDPost(ctx *context.Context) { ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey ctx.Data["OpenID"] = oid + if setting.Service.AllowOnlyInternalRegistration { + ctx.Error(http.StatusForbidden) + return + } + if setting.Service.EnableCaptcha { var valid bool var err error |